Method for providing end-to-end security over signaling plane in mission critical data communication system

ABSTRACT

The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein provide method and system for end-to-end security over signaling plane in a mission critical data (MCData) communication system. The proposed method includes various ways of securing MCData data payload transmitted over signaling plane using short data service (SDS). The proposed method allows usage of multiple security keys to encrypt the MCData SDS message as per the requirements. Various Keys such as, signaling plane key or media plane key or a dedicated MCData data payload signaling key can be used independently or in a combination thereof to achieve the desired security context. The proposed method allows protection of all the application level components with the signaling plane security context.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application is a continuation application of prior application Ser.No. 16/481,324, filed on Jul. 26, 2019, which is a U.S. National Stageapplication under 35 U.S.C. § 371 of an International application numberPCT/KR2018/001223, filed on Jan. 29, 2018, which is based on and claimedpriority of an Indian patent application number 201741003145, filed onJan. 27, 2017, in the Indian Intellectual Property Office, and of anIndian patent application number 201741003145, filed on Jan. 24, 2018,in the Indian Intellectual Property Office, the disclosure of each ofwhich is incorporated by reference herein in its entirety.

TECHNICAL FIELD

The embodiment herein generally relates to mission critical data(MCData) communication system and more particularly relates to a methodand system for providing end-to-end security over signaling plane inMCData communication system.

BACKGROUND ART

To meet the demand for wireless data traffic having increased sincedeployment of 4G (4^(th)-Generation) communication systems, efforts havebeen made to develop an improved 5G (5^(th)-Generation) or pre-5Gcommunication system. Therefore, the 5G or pre-5G communication systemis also called a ‘beyond 4G network’ or a ‘post LTE system’.

The 5G communication system is considered to be implemented in higherfrequency (mmWave) bands, e.g., 60 GHz bands, so as to accomplish higherdata rates. To decrease propagation loss of the radio waves and increasethe transmission distance, the beamforming, massive multiple-inputmultiple-output (MIMO), full dimensional MIMO (FD-MIMO), array antenna,an analog beam forming, large scale antenna techniques are discussed in5G communication systems.

In addition, in 5G communication systems, development for system networkimprovement is under way based on advanced small cells, cloud radioaccess networks (RANs), ultra-dense networks, device-to-device (D2D)communication, wireless backhaul, moving network, cooperativecommunication, coordinated multi-points (CoMP), reception-endinterference cancellation and the like.

In the 5G system, hybrid FSK and QAM modulation (FQAM) and slidingwindow superposition coding (SWSC) as an advanced coding modulation(ACM), and filter bank multi carrier (FBMC), non-orthogonal multipleaccess (NOMA), and sparse code multiple access (SCMA) as an advancedaccess technology have been developed.

Public safety networks are used for mission critical (MC)data/voice/video communications. The MC communication may includedefined set of MCData services. Such MCData services typically build onexisting third generation partnership project (3GPP) transportcommunication mechanisms provided by the evolved packet system (EPS)architectures to establish, maintain, and terminate the actualcommunication path(s) among the users. Typically, a MCData serverprovides centralized support for such MCData services. The MCData serverfurther can facilitate or govern MCData communication among varioususers part of the network.

In an alternate deployment, such MCData services can be off-network. Insuch deployments the MCData devices communicate directly with each otherwithout a server for centralized support for the service.

The MCData services are designed to provide one-to-one, one-to-many, andgroup communications between users. In the present scenario, the publicsafety community requires services beyond voice i.e. data and videoapplications. MCData makes frequent use of a set of capabilities andenablers that allows for many end user services to be built on a commonplatform. A Short data service (SDS) feature is one such capability foruse in the MCData Service. The SDS can be used on its own or incombination with other services, or may be used by other services torealize certain features such as sharing of a location, presence-likedata, and command instructions to perform specific operations.

The SDS of MCData allows sharing data such as short text messages orapplication data like binaries or application triggers and so on. MCDataallows sharing of such SDS messages over both signaling plane and mediaplane. As with any mission critical communication, security is essentialto protect the sensitive data and the confidentially is required to bemaintained between the devices exchanging data.

The conventional systems for MC communication provide end-to-endsecurity solutions only for media plane and for signaling plane. Thesignaling plane protection always terminates between the MCData UE andnetwork entities (such as MCPTT server and others). Hence effectivesecurity methods are necessary to support the SDS communication and itsassociated features over signaling plane.

The above information is presented as background information only tohelp the reader to understand the present invention. Applicants havemade no determination and make no assertion as to whether any of theabove might be applicable as prior art with regard to the presentapplication.

DISCLOSURE Technical Problem

The principal aspect of the embodiments herein is to provide a methodand system for providing end-to-end security over signalling plane inMCData communication system.

Another aspect of the embodiments herein is to provide encryption andintegrity protection to MC signalling parameters in a short data service(SDS) message with a signalling plane security context.

Another aspect of the embodiments herein is to provide encryption to aMCData Data payload in the SDS message using a media plane securitycontext for performing one-to-one communication.

Another aspect of the embodiments herein is to provide encryption to aMCData Data payload in the SDS message using a media plane securitycontext for performing a group communication.

Technical Solution

Accordingly embodiments herein provide a method and system forend-to-end security over signalling plane in a mission critical data(MCData) communication system. The method includes identifying, by atransmitting MCData user equipment (UE), MC signalling parameters in ashort data service (SDS) message. The method includes applying, by thetransmitting MCData UE, at least one of encryption and integrityprotection to the MC signalling parameters in the SDS message with asignalling plane security context. The method includes applying, by thetransmitting MCData UE, at least one of encryption and integrityprotection to a MCData Data payload in the SDS message using a mediaplane security context for performing one of one-to-one communicationand group communication with a receiving MCData UE over the signallingplane.

In an embodiment, the encryption and integrity protection to the MCDataData payload in the SDS message is applied using the media planesecurity context with a private call key (PCK) generated at thetransmitting MCData UE for one-to-one communication.

In an embodiment, an identifier for PCK (PCK-ID) is appended to each ofthe SDS message for one-to-one communication.

In an embodiment, the encryption and integrity protection to the MCDatadata payload in the SDS message is applied using the media planesecurity context with a symmetric group master key (GMK) received from agroup management server (GMS) for the group communication.

In an embodiment, an identifier for group key identifier (GMK-ID) isappended to each of the SDS message for the group communication.

A transmitting mission critical data (MCData) user equipment (UE) forproviding end-to-end security over signalling plane in a missioncritical data (MCData) communication system, the transmitting MCData UEcomprises a MC Data protection engine configured for identifying, by atransmitting MCData User Equipment (UE), MC signalling parameters in ashort data service (SDS) message. The MCData protection engineconfigured for applying at least one of encryption and integrityprotection to the MC signalling parameters in the SDS message with asignalling plane security context. Further, the MCData protection engineconfigured for applying at least one of encryption and integrityprotection to a MCData Data payload in the SDS message using a mediaplane security context for performing one of one-to-one communicationand group communication with a receiving MCData UE over the signallingplane.

These and other aspects of the embodiments herein will be betterappreciated and understood when considered in conjunction with thefollowing description and the accompanying drawings. It should beunderstood, however, that the following descriptions, while indicatingpreferred embodiments and numerous specific details thereof, are givenby way of illustration and not of limitation. Many changes andmodifications may be made within the scope of the embodiments hereinwithout departing from the spirit thereof, and the embodiments hereininclude all such modifications.

DESCRIPTION OF DRAWINGS

This method is illustrated in the accompanying drawings, throughoutwhich like reference letters indicate corresponding parts in the variousfigures. The embodiments herein will be better understood from thefollowing description with reference to the drawings, in which:

FIG. 1A illustrates an example MCData communication system in whichEnd-to-End security is provided for a short data service (SDS) messageover signalling plane in one-to-one communication, according to anembodiment as disclosed herein;

FIG. 1B illustrates an example MCData communication system in whichEnd-to-End security is provided for the SDS message over signaling in agroup communication, according to an embodiment as disclosed herein;

FIG. 2 is a block diagram illustrating various hardware components of atransmitting MCData User Equipment (UE), according to an embodiment asdisclosed herein;

FIG. 3 is a flow diagram illustrating a method for providing theEnd-to-End security for the short data service (SDS) message oversignaling plane, according to an embodiment as disclosed herein;

FIG. 4 illustrates a Generic MCData SDS message format, according to anembodiment as disclosed herein;

FIG. 5 illustrates a MCData SDS message format with point-to-pointencryption, according to an embodiment as disclosed herein;

FIG. 6 illustrates a MCData SDS message format with end-to-endencryption, according to an embodiment as disclosed herein;

FIG. 7 illustrates a MCData SDS message format with end-to-endencryption, according to an embodiment as disclosed herein; and

FIG. 8 illustrates another MCData SDS message format with end-to-endencryption, according to an embodiment as disclosed herein.

MODE FOR INVENTION

Various embodiments of the present disclosure will now be described indetail with reference to the accompanying drawings. In the followingdescription, specific details such as detailed configuration andcomponents are merely provided to assist the overall understanding ofthese embodiments of the present disclosure. Therefore, it should beapparent to those skilled in the art that various changes andmodifications of the embodiments described herein can be made withoutdeparting from the scope and spirit of the present disclosure. Inaddition, descriptions of well-known functions and constructions areomitted for clarity and conciseness.

Also, the various embodiments described herein are not necessarilymutually exclusive, as some embodiments can be combined with one or moreother embodiments to form new embodiments. Herein, the term “or” as usedherein, refers to a non-exclusive or, unless otherwise indicated. Theexamples used herein are intended merely to facilitate an understandingof ways in which the embodiments herein can be practiced and to furtherenable those skilled in the art to practice the embodiments herein.Accordingly, the examples should not be construed as limiting the scopeof the embodiments herein.

As is traditional in the field, embodiments may be described andillustrated in terms of blocks which carry out a described function orfunctions. These blocks, which may be referred to herein as managers,units or modules or the like, are physically implemented by analogand/or digital circuits such as logic gates, integrated circuits,microprocessors, microcontrollers, memory circuits, passive electroniccomponents, active electronic components, optical components, hardwiredcircuits and the like, and may optionally be driven by firmware andsoftware. The circuits may, for example, be embodied in one or moresemiconductor chips, or on substrate supports such as printed circuitboards and the like. The circuits constituting a block may beimplemented by dedicated hardware, or by a processor (e.g., one or moreprogrammed microprocessors and associated circuitry), or by acombination of dedicated hardware to perform some functions of the blockand a processor to perform other functions of the block. Each block ofthe embodiments may be physically separated into two or more interactingand discrete blocks without departing from the scope of the disclosure.Likewise, the blocks of the embodiments may be physically combined intomore complex blocks without departing from the scope of the disclosure.

The term “transmitting” and “receiving” herein are used merely forlabelling purpose and can be used interchangeably without departing fromthe scope of the embodiments.

Throughout the document, the term ‘protect’ refers to encryption and/orintegrity protection. Further throughout this document, the terms ‘mediaplane security context’ and ‘end to end security context’ will have samemeaning and are used interchangeably.

Prior to describing the embodiments in detail, various detailspertaining to the embodiments are presented herein.

The Key provisioning and establishment of the signaling plane and mediaplane security context for MC services (e.g., MCPTT service) includingMCData service is performed as described in 3GPP TS 33.179 and 3GPP TS33.180. The following are the keys that are used in proposed method:

Signaling plane key: This key is used for protecting (encryption and/orintegrity protection) mission critical application information sent oversignalling plane. This invention suggests using this key for protecting(encryption and/or integrity protection) information that should be madeavailable at the mission critical servers (point-to-point protection).For example, the key established between the MC client and the MCservers.

Media plane key: This key is conventionally used for protecting(encryption and/or integrity protection) mission critical user payloadsent over media plane. This invention suggests using this key forprotecting information, such as user payload, that should be not beavailable at the unauthorized mission critical servers (end-to-endprotection). For example, the key established directly between the MCclients, or through the key management server (KMS) and/or Groupmanagement server.

Dedicated MCData data payload signaling key: This key is derived by akey management server (KMS) and/or group management server (GMS) and isprovisioned to the MC client on the MCData UE using various mechanismsdescribed in 3GPP TS 33.179 and TS 33.180, and is exclusively used forprotecting MCData Data payload transmitted over the signalling plane.

The MCData signaling parameters and Data signaling payloads areprotected as follows:

Unicast MCData signaling parameters and Data signaling payloads betweenclient and server are protected using the CSK.

MCData signaling parameters and Data signaling payloads between twooffline clients are protected using a PCK.

MCData signaling parameters and data signaling payloads between a groupof offline clients are protected using a GMK.

The MCData Data payloads are protected as follows:

a) MCData Data payloads end-to-end protected between two online clientsare protected using a PCK.

b) MCData Data payloads end-to-end protected between two offline clientsare protected using a PCK.

c) MCData Data payloads end-to-end protected between a group of onlineclients are protected using a GMK distributed by a GMS.

d) MCData Data payloads end-to-end protected between a group of offlineclients are protected using a GMK distributed by a GMS.

The embodiments herein provide a method and system for end-to-endsecurity over signaling plane in a MCData communication system. Themethod includes identifying, by a transmitting MCData user equipment(UE), MC signaling parameters in a short data service (SDS) message. Themethod includes encrypting and integrity protecting, by the transmittingMCData UE, the MC signaling parameters in the SDS message with asignaling plane security context. The method includes applying, by thetransmitting MCData UE, protection to a MCData Data payload in the SDSmessage using a media plane security context for performing one ofone-to-one communication and group communication with a receiving MCDataUE over the signalling plane.

In various embodiments, the end-to-end protection of the SDS message ofMCData is achieved using the media plane security context even thoughSDS message is communicated over the signaling plane with or withoutsignaling plane security context.

In some embodiments, for end-to-end protection of the short data service(SDS) message over signaling plane, the media plane security context isestablished and utilized. The transmitting MCData UE includes thenecessary information of the media plane security context which is usedfor the protection of SDS of MCData over the signaling plane for thereceiving MCData UE to decrypt and/or integrity protection verification.

In various embodiments, MCData data payload of SDS message is protectedusing the media plane security context or using a dedicated MCData Datapayload signaling key. Further, the signaling plane security context isapplied along with other application level components. This secures theMCData Data payload from points of exchange (SIP and MCData servers) andallows a confidential exchange of MCData Data payload between the MCDataUEs from unauthorized network entities. The MCData server can store theencrypted or ciphered MCData Data payload and transmits the encryptedMCData Data payload to authorized entities (i.e., receiving MCData UEs)for lawful interception.

In some embodiments, the MCData Data payload of the SDS message isprotected using the media plane security context or using a dedicatedMCData Data payload signaling key. Further, MC Signaling parameters andMCData Data signalling payload are protected using the signaling planesecurity. This secures the MCData Data payload from points of exchange(SIP and MCData servers) and allows a confidential exchange of MCDataData payload between the MCData UEs. The MCData server stores theciphered MCData Data payload and transmits the MCData Data payload toauthorized entities for lawful interception.

Referring now to the drawings, and more particularly to FIGS. 1A through8, there are shown preferred embodiments.

FIG. 1A illustrates an example MCData communication system in whichend-to-end security is provided for a short data service (SDS) messageover signalling plane in one-to-one communication, according to anembodiment as disclosed herein.

Before describing the embodiments in detail, the MCData communicationsystem is described herein briefly. In general, as shown in FIGS. 1A-1B,a MCData communication system 100 includes a transmitting MCData UE 102a, a group of receiving MCData UEs 102 b-102 n and a MCData server 104in a network 106. The MCData server 104 serves as a centralized serverto enable the network 106 to provide MCData service to MCData UEs 102a-102 n.

In some examples, the network 106 includes 3GPP E-UTRAN access elements(not shown) and 3GPP E-UTRAN core elements (not shown). For example, thetransmitting MCData UE 102 a gains access to the network 106 through aLTE-Uu interface (not shown) or through an evolved Node B (eNB, notshown). Further, the MCData server 104 may couple to various access/coreelements of the network 106. For example, the MCData server 104 cancouple to a serving gateway/packet data gateway through one or moresuitable interface reference points. Various core elements such asmobile management entity (MME) and multimedia broadcast/multicastservice gateway (MBMS GW) may provide core 3GPP E-UTRAN services to theMCData server 104 and/or the MCData UEs 102 a-102 n, to facilitateMCData communication services by the network 106.

In an embodiment, the MCData UEs 102 a-102 n can be for e.g., anelectronic device, a User Equipment (UE), or the like. Each of theMCData UEs 102 a-102 n can include a MCData client (i.e., anapplication) for communicating with the MCData server 104. The firstMCData UE 102 a includes a first MCData client; the second MCData UE 102b includes a second MCData client and so on.

The MCData client residing at each of the MCData UEs 102 a-102 n, actsas user agent for all the MCData application transactions. The MCDataclient supports SDS, file distribution, data streaming and IPconnectivity MCData capabilities utilized by MCData services likeconversation management, robots control, enhanced status, databaseenquiries and secured internet.

The MCData server 104 provides centralized support for MCData servicessuite. Conversation management, robots, enhanced status, databaseenquiries and secured internet MCData services requiring one-to-one dataor group communication are realized using SDS, file distribution, datastreaming and internet protocol (IP) connectivity MCData communicationcapabilities. All the MCData clients supporting users belonging to asingle group are required to use the same MCData server 104 for thatgroup. In one embodiment, HTTP is used as communication transport meansfor MCData communication.

Now Referring to FIG. 1A, the MCData communication system 100 includesthe transmitting MCData UE 102 a, the MCData server 104 in the network106, the receiving MCData UE 102 b and a key management server (KMS) 108for providing security key for encrypting contents in the SDS message.The MCData server 104 facilitates/provides one-to-one unidirectional SDScommunication between the first MCData UE 102 a and the second MCData UE102 b through the network 106.

In one-to-one communication, the transmitting MCData UE 102 a transmitsthe SDS message to the receiving MCData UE 102 b. Initially, thetransmitting MCData UE 102 a identifies MC signaling parameters in aShort Data Service (SDS) message and MCData data payload. The MCsignaling parameters includes MCData signaling parameters, MCData datasignaling payload and End to end security parameters (informationrelated to security mechanism). The MCData signaling parameters includegeneric mission critical services signaling elements but not limited toa group identifier (ID), user ID and so on. The MCData data signalingpayload include information elements necessary for identification andmanagement of the MCData messages but not limited to a conversation ID,Transaction ID and a disposition request and so on. The MCData datapayload includes the actual user payload for MCData user or applicationconsumption in the form of text, binary, hyperlinks and so on.

In an embodiment, the first MCData UE 102 a applies encryption and/orintegrity protection to the MC signaling parameters (MCData signalingparameters, end-to-end security parameters and MCData data signalingpayload as described above) with the signaling plane security contextfor transmitting the SDS message to the receiving MCData UE 102 b.Further, the transmitting MCData UE 102 a applies protection to theMCData data payload in the SDS message using the media plane securitycontext.

In an embodiment, the encryption to the MCData data payload in the SDSmessage is applied using the media plane security context with a privatecall key (PCK) generated at the transmitting MCData UE. Further, anidentifier for the PCK is appended to each of the SDS messagetransmitted by the transmitting MCData UE to the receiving MCData UE.

The MCData server 104 decrypts the MC signaling parameters using the PCKreceived from KMS 108. Further, the MCData server 104 transmits theMCData data payload to the receiving MCData UE 102 b

The various embodiments for encrypting the SDS message for one-to-onecommunication are described in conjunction with figures in the laterparts of the description.

FIG. 1B illustrates an example MCData communication system in whichEnd-to-End security is provided for the SDS message over signaling in agroup communication, according to an embodiment as disclosed herein.

For group communication, the transmitting MCData UE 102 a appliesencryption and integrity protection, to the MC signaling parameters inthe SDS message with the signaling plane security context.

In an embodiment, the transmitting MCData UE 102 a applies encryption tothe MCData data payload in the SDS message using the media planesecurity. It should be noted that the encryption to the MCData datapayload in the SDS message is applied using the media plane securitycontext with a symmetric group master key (GMK) received from the groupmanagement server (GMS) 110 for performing group communication with thereceiving MCData UEs 102 b-102 n.

The group management server (GMS) 110 generates the GMK and transmitsthe key to the transmitting MCData UE 102 a and the one or morereceiving MCData UEs 102 b-102 n.

In an embodiment, an identifier for group key identifier (GMK-ID) isappended to each of the SDS message for uniquely identifying the SDSmessage during the group communication.

The receiving MCData UEs 102 b-102 n decrypt the MCData Data payloadusing the GMK-ID appended to each of the SDS message.

FIG. 2 is a block diagram illustrating various hardware components ofthe transmitting MCData UE 102 a, according to an embodiment asdisclosed herein. The transmitting MCData UE includes a communicator202, a MCData protection engine 204, a processor and memory.

In an embodiment, the communicator 202 can be configured to transmit theSDS message from the transmitting MCData UE 102 a to the receivingMCData UE 102 b in case of one-to-one MCData communication.

In another embodiment, the communicator 202 can be configured totransmit the SDS message from the transmitting MCData UE 102 a to thereceiving MCData UEs 102 b-102 n in case of one-to-one MCDatacommunication

Further, the communicator 202 can also be configured to receive theMCData disposition notification message from the receiving MCData UE 102b based on an information element enabled in the MCData request messageand transmit the MCData disposition notification to the first MCData UE102 a. The information element enabled in the MCData request message canbe one of a conversation identifier, a payload destination type, adisposition type and a transaction type.

The MCData protection engine 204 can be configured to apply encryptionand integrity protection to MC signaling parameters in the SDS messagewith the signaling plane security context for one-to-one and groupcommunication. Further, the MCData protection engine 204 can beconfigured to apply encryption to the MCData data payload in the SDSmessage using the media plane security context for the one of one-to-onecommunication and the group communication over the signalling plane.

In an embodiment, the processor 206 (for example; a hardware unit, anapparatus, a central processing unit (CPU), a graphics processing unit(GPU), etc.,) communicatively coupled to a memory 208 (e.g., a volatilememory and/or a non-volatile memory); the memory 208 includes storagelocations configured to be addressable through the processor 206.

In an embodiment, the memory 208 can be configured to store the MCDatadisposition notification messages received from the second MCData UEs102 b-102 n for disposition history interrogation from authorized MCDataUEs. The memory 208 may include non-volatile storage elements. Examplesof such non-volatile storage elements may include magnetic hard discs,optical discs, floppy discs, flash memories, or forms of electricallyprogrammable memories (EPROM) or electrically erasable and programmablememories (EEPROM). In addition, the memory 208 may, in some examples, beconsidered a non-transitory storage medium. The term “non-transitory”may indicate that the storage medium is not embodied in a carrier waveor a propagated signal. However, the term “non-transitory” should not beinterpreted that the memory 208 is non-movable. In some examples, thememory 208 can be configured to store larger amounts of information thanthe memory. In certain examples, a non-transitory storage medium maystore data that can, over time, change (e.g., in Random Access Memory(RAM) or cache).

FIG. 3 is a flow diagram 300 illustrating a method for providing theend-to-end security for the short data service (SDS) message oversignaling plane, according to an embodiment as disclosed herein. Thevarious steps of the flow diagram 300 are performed by the MCDataprotection engine 204 at the transmitting MCData UE 102 a.

At step 302, the method includes identifying MC signaling parameters ina short data service (SDS) message.

At step 304, the method includes applying at least one encryption andintegrity protection to the MC signaling parameters in the SDS messagewith the signaling plane security context.

At step 306, the method includes applying at least one of encryption andintegrity protection to the MCData data payload in the SDS message usinga media plane security context for one-to-one communication and groupcommunication.

FIG. 4 illustrates a Generic MCData SDS message format in plain text,according to an embodiment as disclosed herein. This message shouldcomprise of 2 levels of information as mentioned below.

SIP-Level: information elements or SIP headers necessary for the MCDataSDS message to traverse through the SIP system.

Application-Level: actual MCData SDS message contents meant for MCDataapplication.

To provide security context, the application-level data is segregatedinto three (3) sub components.

MCData signaling parameters: These are generic mission critical servicessignaling elements (information elements necessary for redirection ofthe SDS message to the intended recipient group or the user). Thesecontains information such as group-id, user-id etc. Such MCDatasignaling parameters is necessarily required at the MC Service serversfor appropriate redirection of the messages and should not be encryptedwith end-to-end security context, but can be protected using thesecurity context used for protection of signalling plane.

MCData data signaling payload: information elements necessary foridentification and management of the MCData SDS messages. These elementssuch as, conversation identifiers, transaction identifiers, dispositionrequests, date and time etc. are consumed by both, MCData servers andMCData clients. MCData servers require this information for dispositionhistory management for authorized users. If disposition historymanagement is required these parameters should not be end-to-endencrypted but can be protected using the security context uniquelyshared between the MCData server and MCData client. The MCData Datasignaling payload contains end-to-end security parameters specifying thecryptographic elements used to protect the data payload. In anembodiment MCData Data signaling payload and end-to-end securityparameters can be included as separate components.

MCData data payload: this is the actual user payload for MCData user orapplication consumption. These parameters may be end-to-end protectedeven when communicated over the signaling plane. But, if we use thecurrent (3GPP Release-13) state-of-art used for signaling planeprotection, then only hop-by-hop or point-to-point protection isachieved.

FIG. 4 illustrates a generic MCData SDS message format in plain text,according to an embodiment as disclosed herein. The MCData SDS messageas shown in the FIG. 4 includes information in two levels (i.e.,SIP-Level and Application-Level) as mentioned below.

The SIP-Level information includes elements or SIP headers which arerequired for the MCData SDS message to traverse through the SIP system.The Application-Level includes MCData SDS message contents intended forMCData application.

In order to provide end-to-end security for the SDS message, theApplication-Level information is partitioned as three sub componentswhich include MCData signaling parameters, MCData data signaling payloadand MCData Data payload.

MCData signaling parameters: These are information elements necessaryfor redirection of the SDS message to the intended recipient group orthe user. These parameters contain information such as group-id, user-idetc. The MC Service signaling information is required at the MCDataserver 104 for appropriate redirection of the SDS messages and shall notbe encrypted with end-to-end security, but can be protected using thesecurity context used for protection of signalling plane.

MCData data signaling payload: The MCData data signaling payload includeinformation elements necessary for identification and management of theMCData SDS messages. These elements such as, conversation identifiers,transaction identifiers, disposition requests, date and time etc. areutilized or consumed by the MCData server 104 and the MCData UEs. TheMCData server 104 requires this information for disposition historymanagement for authorized MCData users. If disposition historymanagement is required, then these parameters shall not be end-to-endencrypted but can be protected using the security context uniquelyshared between the transmitting MCData UE 102 a, MCData server 104 andthe receiving MCData UE 102 b.

MCData Data payload: The MCData Data payload represents the user datafor MCData user or for application consumption. The MCData Data payloadis End-to-End protected while communicated over the signalling plane.

FIG. 5 illustrates a MCData SDS message format with point-to-pointencryption, according to an embodiment as disclosed herein. As shown inthe FIG. 5, the transmitting MCData UE 102 a protects the MCDatasignaling parameters, the MCData Data signaling payload and the MCDataData payload with the signaling plane security context. When signalingplane security context is applied to the MCData Data payload, the MCDataData payload may be readable at the MCData server 104.

FIG. 6 illustrates a MCData SDS message format with end-to-endencryption, according to an embodiment as disclosed herein. As shown inthe FIG. 6, the transmitting MCData UE 102 a protects the MCDatasignaling parameters, the MCData Data signaling payload in the SDSmessage with the signaling plane security context.

In an embodiment, the transmitting MCData UE 102 a protects the MCDataData payload in the SDS message using the media plane security contextand further applies signaling plane security context to the MCData Datapayload as shown in the FIG. 6.

Hence, by encrypting and further applying integrity protection to theMCData data payload in the SDS message using the media plane securitycontext, the MCData Data payload is not readable at the MCData server104, which provides higher security and confidentiality. For lawfulinterception and monitoring, the MCData server 104 may store theencrypted MCData Data payload, which further can be obtained anddecrypted by the authorized receiving MCData UEs 102 b-102 n using theappropriate keys. The transmitting MCData UE 102 a includes thenecessary media plane security context parameters (such as key ID (forexample, MKI), session information (for example, SSRC) to generate thekey streams etc.) used for protection and the receiver MCData clientuses it to identify the appropriate security context (like, the key usedby the transmitting MCData UE 102 a).

With reference to the FIG. 6, the components of the SDS message areprotected as mentioned below.

SIP-Level: Plain text.

Application-Level:

a. MCData signaling parameters: Protected with signaling plane securitycontext

b. MCData Data signaling payload: Protected with signaling planesecurity context

c. MCData data payload: First protected with the media plane securitycontext, then protected again with the signaling plane security context(i.e., dual encryption)

FIG. 7 illustrates another MCData SDS message format with end-to-endencryption, according to an embodiment as disclosed herein. As shown inthe FIG. 7, the transmitting MCData UE 102 a protects the MCDatasignaling parameters, the MCData data signaling payload with signalingplane security context and the MCData data payload is protected with themedia plane security context.

The encryption of MCData data payload with media plane security context,the MCData data payload is not readable at the MCData server 104, whichprovides higher security and confidentiality. However, the protectedMCData Data payload is available at the SIP servers. For lawfulinterception and monitoring MCData server 104 or SIP server may storethe encrypted MCData Data payload, which further can be obtained anddecrypted by the authorized receiving MCData UEs 102 b-102 n. Thetransmitting MCData UE 102 a includes the necessary media plane securitycontext parameters (like key ID (for example, MKI), session information(for example, SSRC) to generate the key streams etc.) used forprotection and the receiver MCData client uses it to identify theappropriate security context (like, the key used by the transmitter).

With reference to the FIG. 6, the components of the SDS message areprotected as mentioned below:

SIP-Level: Plain text.

Application-Level:

a. MCData signaling parameters: Protected with signaling plane securitycontext

b. MCData Data signaling payload: Protected with signaling planesecurity context

c. MCData Data payload: Protected with media plane security context

FIG. 8 illustrates an alternate MCData SDS message format withend-to-end encryption, according to an embodiment as disclosed herein.In an embodiment an end-to-end protected MCData SDS message is shown inthe FIG. 8, where the transmitting MCData UE 102 a is provisioned with adedicated encryption/integrity protection key to encrypt/integrityprotect the MCData data payload when communicated over the signalingplane. With the message format as shown in the FIG. 8, the MCData datapayload is not readable at the MCData server 104, which provides highersecurity and confidentiality.

For lawful interception and monitoring, the MCData server 104 or SIPserver may store the encrypted MCData Data payload, which can beobtained and decrypted by the receiving MCData UEs 102 b-102 n. Thetransmitting MCData UE 102 a includes the necessary media plane securitycontext parameters (like key ID (for example, MKI), session information(for example, SSRC) to generate the key streams etc.) used forprotection and the receiver MCData client uses it to identify theappropriate security context (like, the key used by the transmittingMCData UE).

With reference to the FIG. 6, the components of the SDS message areprotected as mentioned below.

SIP-Level: Plain text.

Application-Level:

a. MCData signaling parameters: Protected with signaling plane securitycontext

b. MCData data signaling payload: Protected with signaling planesecurity context

c. MCData data payload: Protected with dedicated MCData Data payloadsignaling plane key, then protected with signaling plane securitycontext

The embodiments disclosed herein can be implemented using at least onesoftware program running on at least one hardware device and performingnetwork management functions to control the elements.

The foregoing description of the specific embodiments will so fullyreveal the general nature of the embodiments herein that others can, byapplying current knowledge, readily modify and/or adapt for variousapplications such specific embodiments without departing from thegeneric concept, and, therefore, such adaptations and modificationsshould and are intended to be comprehended within the meaning and rangeof equivalents of the disclosed embodiments. It is to be understood thatthe phraseology or terminology employed herein is for the purpose ofdescription and not of limitation. Therefore, while the embodimentsherein have been described in terms of preferred embodiments, thoseskilled in the art will recognize that the embodiments herein can bepracticed with modification within the spirit and scope of theembodiments as described herein.

What is claimed is:
 1. A method for transmitting a short data service(SDS) message over a signaling plane in a mission critical data (MCData)communication system by a MCData user equipment (MCData UE), the methodcomprising: applying encryption protection and integrity protection toMCData signaling parameters and MCData Data signaling payload in the SDSmessage with a signaling plane security context; applying encryptionprotection and integrity protection to MCData data payload in the SDSmessage based on an end to end security context; and transmitting theSDS message comprising the protected MCData data payload, the protectedMCData signaling parameters, and protected MCData Data signaling payloadover the signaling plane.
 2. The method of claim 1, wherein theencryption protection to the MCData data payload in the SDS message isapplied using a media plane security context with a private call key(PCK) for one-to-one communication.
 3. The method of claim 1, whereinthe SDS message comprises end-to-end security parameters specifyingcryptographic elements used to protect the MCData data payload.
 4. Themethod of claim 2, wherein the SDS message comprises an identifier forthe PCK.
 5. The method of claim 1, wherein the encryption protection tothe MCData data payload in the SDS message is applied using a mediaplane security context with a group master key (GMK) for a groupcommunication, wherein the GMK is received from a group managementserver (GMS), and wherein an identifier for GMK is appended to the SDSmessage.
 6. The method of claim 1, wherein the MCData signalingparameters comprises at least one of group ID or user ID.
 7. The methodof claim 1, wherein the MCData data signaling payload comprises at leastone of conversation identifiers, transaction identifiers, or dispositionrequests.
 8. The method of claim 1, wherein the MCData signalingparameters and the MCData data signaling payload between the MCData UEand a server are protected using a client-server key (CSK).
 9. Themethod of claim 1, wherein the MCData signaling parameters and theMCData data signaling payload between two offline clients are protectedusing a private call key (PCK).
 10. The method of claim 1, wherein theMCData signaling parameters and the MCData data signaling payloadbetween a group of offline clients are protected using a groupmanagement key, GMK.
 11. A mission critical data (MCData) user equipment(UE) for transmitting a short data service (SDS) message, over asignaling plane in a MCData communication system, the MCData UEcomprising: a transceiver; and at least one processor coupled with thetransceiver and configured to: apply at least one of encryptionprotection or integrity protection to MCData signaling parameters andMCData Data signaling payload in the SDS message with a signaling planesecurity context, apply encryption protection and integrity protectionto MCData data payload in the SDS message based on an end to endsecurity context, and transmit the SDS message comprising the protectedMCData data payload, the protected MCData signaling parameters, and theprotected MCData data signaling payload over the signaling plane. 12.The UE of claim 11, wherein the encryption protection to the MCData datapayload in the SDS message is applied using a media plane securitycontext with a private call key (PCK) for one-to-one communication. 13.The UE of claim 11, wherein the SDS message comprises end-to-endsecurity parameters specifying cryptographic elements used to protectthe MCData data payload.
 14. The UE of claim 12, wherein the SDS messagecomprises an identifier for the PCK.
 15. The UE of claim 11, wherein theencryption protection to the MCData data payload in the SDS message isapplied using a media plane security context with a group master key(GMK) for a group communication, wherein the GMK is received from agroup management server (GMS), and wherein an identifier for GMK isappended to the SDS message.
 16. The UE of claim 11, wherein the MCDatasignaling parameters comprises at least one of group ID or user ID. 17.The UE of claim 11, wherein the MCData data signaling payload comprisesat least one of conversation identifiers, transaction identifiers, ordisposition requests.
 18. The UE of claim 11, wherein the MCDatasignaling parameters and the MCData data signaling payload between theMCData UE and a server are protected using a client-server key (CSK).19. The UE of claim 11, wherein the MCData signaling parameters and theMCData data signaling payload between two offline clients are protectedusing a private call key (PCK).
 20. The UE of claim 11, wherein theMCData signaling parameters and the MCData data signaling payloadbetween a group of offline clients are protected using a groupmanagement key (GMK).